Changes I’ve made just now, based on what I’m reading in the forums…
I’ve changed my zwiftinsider.com and www.zwiftinsider.com DNS records to the grey cloud based on what @domjh says here. I’ve done this even though “faiz” at Cloudflare support told me “You will need to proxy the traffic to Cloudflare by changing the authoritative nameservers and mark the DNS records to orange-cloud for the Universal SSL to be issued.”
I’ve done this because it gets my site working again, https traffic functions with the grey cloud.
I also clicked to “Disable Universal SSL” then clicked again to re-enable it, in order to start the cert process again. This based on #3 “Quick Fix Ideas” here.